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NEW TECHNOLOGIES FOR NEW AVENUES 


Automotive loT stands as one of the industry's most revolutionary advancements, allowing vehicles to become smarter, safer, and 
more efficient. But like any technological development, intelligent and proven security is key to help keep yourself and your data safe 
from advanced or targeted attacks. 





TREND MICRO IOT SECURITY FOR AUTOMOTIVE 


Trend Micro™ loT Security (TMIS) for Automotive, powered by XGen™, is a built-in security software that monitors and protects 
critical devices (e.g. IVI) in the vehicle from potential risks, including data theft and ransomware attacks. It ensures system integrity 
and reduces the attack surface. In doing so, it not only helps keep devices from being hacked, but also minimizes device maintenance 
costs and protects OEM's reputation. 








The design philosophy for connected car security is different from that for the security of other computing systems. Hybrid whitelisting, 
plus lightware signature-based blacklisting solutions, are suitable because low overhead for a vehicle's system is required. Ensuring 
device integrity, confidentiality, identification, and operation continuity are all vital when implementing automotive security. 
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Network inside vehicle 
ECUs ECUs ECUs 


e Unsecured design/code 


e Third-party library 
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e Poor authentication/authorization 


e Open network ports 


e Undetected process behavior 
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SECURING CONNECTED VEHICLE ENDPOINTS 





In order to sufficiently address all possible risks, Trend Micro provides an end-to-end solution for connected vehicle ecosystems. TMIS 
for Automotive can be integrated (pre-installed) into critical devices inside the car during the product development phase. 


As a security sensor, TMIS supports automotive SOC for incident response, which is part of the cybersecurity requirements in the 


operations phase. 


SYSTEM HARDENING 


Checks whether the content of the 
network belongs to the attack 
packet and blocks the traffic while 
ensuring the normal operation of 
the network. 
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The Approved Application List 
(AAL) feature allows authorized 
processes and applications to 
perform certain activities on the 
device. 


Hosted IPS Whitelisting 
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RISK DETECTION & WRS 


The virtual patch is used to shield 
the network from attacks initiated 
by known vulnerabilities until the 
vendor is ready to update with the 
fixed firmware. 


J AAL policies are automatically 

| generated on local devices (policy 
is configurable). Supports 
Block/Monitor mode and works 
without internet connection. 


Monitors and matches AS] Orrene When a device tries to visit a 
open-source libraries with CVE's IZ URL/website, TMIS performs 
known vulnerabilities. R) sony. reputation checks using Trend 
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Vulnerability check 
Configurable whitelist rules to 
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A< jad CAN Bus Anomaly ba Oo ignore specific IP/domain check. 
Detection . 


A deployable detector in the vehicle gateway and an alert for abnormal CAN Bus Anomaly 
Detection messages were found, including CAN Bus Anomaly Detection ID, frequency, payload 
structure, and payload sequence. An anomaly log can be uploaded to the backend or the 
automotive SoC for further analysis or to trigger follow up actions. 





Cloud-based scanning without 
system overhead in device. 


Micro Web Reputation Services 


(WRS) to obtain a reputation 
WRS for loT score. 
[j 


Information about detected 
vulnerabilities for devices are 
included in email reports. 


SECURITY REPORTS AND NOTIFICATIONS 
TMIS sends the following types of reports and notifications to administrators: 


e Device summary 


e Security detection information e License expiration notification 


e Vulnerability report e Virtual patch deployment notification 


The security detection log is also saved in local storage and can be accessed by device makers for specific purposes. It allows service 
providers and device vendors to more easily integrate value-added security features in their offerings. 





TMIS SYSTEM REQUIREMENTS 











Embedded Linux® / Android® / 


Raspberry Pi 6.7 MB ~ 35.9 MB* 


Storage 








ARM MIPS X86 Memory 20.4 MB* 














*This data is for reference only. Actual resource consumption will vary according to usage. 
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